New OS X Malware Spotted via Transmission BitTorrent App

Security researchers have discovered new OS X malware that was being spread via the BitTorrent client application Transmission. According to the researchers at We Live Security, the malware, dubbed OSX/Keydnap, was built to steal the contents of OS X’s keychain as well as “maintain a permanent backdoor.”

Researchers believe that it was distributed through a recompiled version of Transmission from the company’s official site. “OSX/Keydnap was distributed on a trusted website, which turned out to be ‘something else’. It spread via a recompiled version of the otherwise legitimate open source BitTorrent client application Transmission and distributed on their official website,” noted security researchers at We Live Security.

Notably, the Transmission team responded within minutes of receiving the malware notification and removed the malicious file from its server. Researchers, however, advise those who downloaded Transmission v2.92 during August 28-29, 2016 to check their system for the presence of the specific files or directories listed on the security website.

“If any of them exists, it means the malicious Transmission application was executed and that Keydnap is most likely running,” adds the security website.

The researchers point out that OSX/Keydnap used the same technique as the OS X ransomware discovered back in March.

In March, Palo Alto Networks reported the first-ever OS X ransomware, which was spotted in the Transmission BitTorrent app. Once installed, the infected app ran an embedded executable file on the system. Dubbed KeRanger, the ransomware encrypted files on the system and, once the process was complete, demanded payment in Bitcoin.